Is an authorization header required by the azure storage shared access signature (SAS) REST API - azure-storage

I need to read/write an azure storage table.
The client program is configured to use a shared access signature to read/write remote azure table.
Can anyone give me a good example of how to construct the authorization header in order to use the sas?
I am getting HTTP error code 403.
Microsoft documentation specified that all the rest API will have to be embedded with an authorization header. By default, the documentation suggests that I can use the storage account access key to generate the HMAC-SHA code for the authorization header. I think I am missing something here.
The whole idea of using a shared access signature (SAS) is to protect the storage account access key. At the same time, the documentation seems to suggest that the storage account owner needs to provide the account access key so the client can use the access key to generate the HMAC-SHA code. What am I missing here? Can anyone shed some light here? Thanks,

If you're using sas_token in the request url, then you don't need to provide Authorization in the header.
How to check which header should be provided? In the related API page -> go to the Request Headers section -> check each header; if the header is required, then it will be described in its Description. Here is a screenshot for your reference:
Here are the steps to query entities by using sas_token:
1. Generate sas_token from azure portal. You can refer to the screenshot below:
2. Check which headers are required. As per query-entities -> request-headers, we know x-ms-date is required (Authorization is not required here since we're using sas_token). You can provide a value for x-ms-date, like Wed, 13 Jan 2021 01:29:31 GMT.
If you don't know how to get the value for x-ms-date header, you can open powershell -> type Get-Date command -> then it will generate the date:
3. Prepare the request url with sas_token, like below:
https://xxx.table.core.windows.net/testtable(PartitionKey='a1',RowKey='r11')?sv=2019-12-12&ss=t&srt=sco&sp=rwdlacu&se=2021-01-13T09:24:58Z&st=2021-01-13T01:24:58Z&spr=https&sig=xxxxx
4. Use a tool like Postman to send the request with the proper header. Here is the test result by using Postman:
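The steps above as an added Python example (not part of the original answer): it builds the same Table service request with only the `x-ms-date` header, and checks the SAS fields in the URL against the request, which is a quick way to narrow down a 403. The function names are hypothetical, and the timestamp parser assumes the full UTC form used in the answer's URL.

```python
from datetime import datetime, timezone
from email.utils import format_datetime
from urllib.parse import urlsplit, parse_qs

# Request URL from the answer above (account name and sig are the page's placeholders).
SAS_URL = ("https://xxx.table.core.windows.net/testtable(PartitionKey='a1',RowKey='r11')"
           "?sv=2019-12-12&ss=t&srt=sco&sp=rwdlacu&se=2021-01-13T09:24:58Z"
           "&st=2021-01-13T01:24:58Z&spr=https&sig=xxxxx")

def parse_ts(value):
    # Assumes the full UTC form used in the URL above (YYYY-MM-DDThh:mm:ssZ).
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def build_table_request(sas_url, now):
    """Return (url, headers); the SAS in the query string is the only credential."""
    headers = {"x-ms-date": format_datetime(now, usegmt=True)}  # RFC 1123, GMT
    return sas_url, headers  # no Authorization header, no account key

def sas_problems(sas_url, now, needed_perm="r", service="t"):
    """List SAS fields that do not fit a request made at `now` (empty list = none found)."""
    parts = urlsplit(sas_url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    problems = []
    if "sig" not in q:
        problems.append("no sig parameter, so the URL carries no SAS")
    if "st" in q and now < parse_ts(q["st"]):
        problems.append("not yet valid (st is in the future)")
    if "se" in q and now > parse_ts(q["se"]):
        problems.append("expired (se is in the past)")
    if needed_perm not in q.get("sp", ""):
        problems.append(f"sp lacks permission '{needed_perm}'")
    if "ss" in q and service not in q["ss"]:
        problems.append(f"ss does not include service '{service}'")
    if q.get("spr") == "https" and parts.scheme != "https":
        problems.append("spr=https but the request is not HTTPS")
    return problems

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    url, headers = build_table_request(SAS_URL, now)
    print(headers)
    print(sas_problems(url, now))  # the 2021 sample SAS reports as expired today
```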

Related

Postman request - how to get data from endpoint based on API documentation

I want to retrieve data from a data warehouse that has a web-based API, I need to use an API key for authentication and use the GET / Customers command to retrieve the list of customers data, but when I am using that same thing in postman, it's returning the same documentation page of the data warehouse?
I am new to this; any help will be really appreciated.
The URL doesn't look valid:
You need a base URL, endpoint, http method, authentication scheme, and credential or a token etc.
I don't know details about your system and API, so let's see an example:
base url is https://stackoverflow.com; your current base url is localhost:4444, is your server running on your machine? If so, it might be correct, but I assume you're talking about a server running somewhere else, not on your computer
endpoint (path parameter) is /questions/69883697, in your case /customers
http method is GET and you find it here in Postman; it also means it will not go into query parameters where you put it:
authentication scheme - your docs mentions an api key that goes into a header called Authorization, so you have to set it in Headers, not as a query parameter:
Read carefully what's on your screen, Postman uses the same language as your API documentation, so if your doc speaks about headers, you need to go into Headers tab in Postman.

Salesforce Commerce Cloud Ocapi

I am working on the open commerce api on SFCC, I found out something weird and wanted to know why.
When making a get request from the Shop api, the Bearer is not compulsory but on all other requests (patch, post, put, delete...) the Bearer is required.
Anyone know why?
GET requests only fetch data without any modification to the data. All other request methods are usually used to modify data in the backend:
POST -> Create resource
PUT -> Update resource with replace
PATCH -> Partially update resource
DELETE -> remove resource
Also see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
For that reason you have to authenticate with the OCAPI if you are using one of these methods.

How to use the "Azure Storage Container URL" returned by the PNS Feedback service?

I'm trying to get feedback for push notifications, as described here: https://learn.microsoft.com/en-us/previous-versions/azure/reference/mt705560(v=azure.100).
Upon success, an Azure Storage Container URL is returned, complete with authentication token.
I have the URL:
https://pushpnsfb9bf61499e7c8fe.blob.core.windows.net/00000000002002698042?sv=2015-07-08&sr=c&sig=KbF1GtORNzAaCZH9UP7UFi9wMOYBmBgL%2BXLG3Qau9U0%3D&se=2020-08-29T19:10:17Z&sp=rl
But requesting it returns an authentication error:
<Error>
<Code>AuthenticationFailed</Code>
<Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature...</Message>
<AuthenticationErrorDetail>Signature did not match. String to sign used was... </AuthenticationErrorDetail>
</Error>
I am trying to follow the docs at https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-service-sas-create-dotnet?tabs=dotnet#create-a-service-sas-for-a-blob-container. The URL has sr=c, which seems to mean I need a "SAS for a blob container".
But where do I get the token? The returned URL has a sig querystring parameter - I tried using that to sign the request, but it didn't work.
What am I doing wrong?
When we call the Get Platform Notification Services (PNS) feedback rest api, we will get a container url with sas token. And the sas token has read and list permissions at container level. So we can use azure blob rest api to read the content, properties, metadata or block list of any blob in the container or list blobs in the container with the token. For more details, please refer to here
For example
Get container url
Test
a. list blobs
GET https://pushpnsfb2f34ecd6733e74.blob.core.windows.net/00000000002000276266?
<sas token e.g. sv=2015-07-08&sr=c&sig=SQodHcRM6p04ag9rJZBqPDmr1NMd%2FbIWoPzMZrB9TpI%3D&se=2020-09-02T05%3A28%3A07Z&sp=rl>
&restype=container&comp=list
b. read blob content
GET https://pushpnsfb2f34ecd6733e74.blob.core.windows.net/00000000002000276266/<blob name>?
<sas token e.g. sv=2015-07-08&sr=c&sig=SQodHcRM6p04ag9rJZBqPDmr1NMd%2FbIWoPzMZrB9TpI%3D&se=2020-09-02T05%3A28%3A07Z&sp=rl>
For more details about Azure Blob rest api, please refer to here.
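The two requests in the answer above, derived from a container SAS URL in an added Python example (not part of the original answer). The query string is carried over byte for byte, because the `sig` value is already percent-encoded and the request is authorised by it alone; the helper names and the sample URL are constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit, quote

# Constructed sample in the shape of the URL the feedback API returns (not a real token).
CONTAINER_SAS = ("https://exampleaccount.blob.core.windows.net/feedback"
                 "?sv=2015-07-08&sr=c&sig=AbC%2BdEf%2FgHi%3D"
                 "&se=2020-09-02T05%3A28%3A07Z&sp=rl")

def container_sas_url(container_url, blob_name=None):
    """Build the list-blobs URL, or the read URL for one blob, from a container SAS URL."""
    parts = urlsplit(container_url)
    sas = parts.query  # kept verbatim: never decode and re-encode the token
    if blob_name is None:
        path, query = parts.path, sas + "&restype=container&comp=list"
    else:
        # Only the blob name is encoded here; the SAS itself is left alone.
        path, query = parts.path.rstrip("/") + "/" + quote(blob_name, safe="/"), sas
    return urlunsplit((parts.scheme, parts.netloc, path, query, ""))

def raw_sig(url):
    """Return the sig value exactly as it appears in the URL, or None."""
    for pair in urlsplit(url).query.split("&"):
        if pair.startswith("sig="):
            return pair[4:]
    return None

def sig_encoding_issue(url):
    """Spot the common ways a sig gets mangled before the request is sent."""
    sig = raw_sig(url)
    if sig is None:
        return "no sig parameter"
    if "%25" in sig:
        return "sig is double-encoded"
    if "+" in sig or " " in sig:
        # A raw '+' in a query string is read as a space by form-style decoders.
        return "sig was decoded; '+' must stay as %2B"
    return None

if __name__ == "__main__":
    print(container_sas_url(CONTAINER_SAS))
    print(container_sas_url(CONTAINER_SAS, "log 1.txt"))
    print(sig_encoding_issue(CONTAINER_SAS))
```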

Trying to Understand Google Calendar API Service Account Authorization

I am new to using Google API and I am struggling to understand how it works. I want to be able to access a calendar and add events to it. I don't want the user to login every time because it will be a universal calendar that holds invoice due dates so from what I understand I want to use a service account. I created a calendar api project and a service account. I set the calendar share permissions to the project email. I have an API key and a service account key. However, I get confused with understanding how it needs to be authenticated. Unfortunately I am using Filemaker so I don't have any helper libraries to help me. I basically just have a POST option.
The google api documentation states that the insert event call requires authorization:
"This request requires authorization with the following scope (read more about authentication and authorization): https://www.googleapis.com/auth/calendar"
https://developers.google.com/google-apps/calendar/v3/reference/events/insert
So if I was just using basic POST requests how would I authorize this and which keys do I need? Do I need the API key and Service Account Key? Do I have to use a client key even if I want all users to access the same calendar?
If I need to clarify anything just let me know.
Thanks!
You will need to include a valid access_token in the HTTP headers of your POST request, e.g. Authorization: Bearer ya29.xxxxxxxxxxxxxxxxxx
In order to get a valid access_token, you will need to go through the OAuth2 Authorization process as described at https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests
Note: Please click on "HTTP/REST" to see the details of doing that without using any specific client libraries.

To integrate with Silverpop

Can anyone guide how to integrate with Silverpop, using OAuth(tokens)?
I referred to this link
connecting to web api using c#
and I was able to get access token. After this I don't know how to proceed.
Thanks.
Take a look at my github repo:
https://github.com/marcelluseasley/IBM-Marketing-Cloud-XML-API-Wrapper
It isn't finished, but I started working on an XML API wrapper for the Silverpop API. First of all, if you are trying to integrate with the API, you should be able to contact client support and get a copy of the API PDF.
In any case, you should have a client id, client secret, and refresh token. You will need these three things along with a header value of "refresh_token" for the "grant_type" header key.
So you will first send a POST to https://api(pod number).silverpop.com/oauth/token . This will return an access token in a json dictionary ("access_token").
Any subsequent calls made to the API endpoint (https://api(pod number).silverpop.com/XMLAPI) will require that you pass this access token in the header section of your request:
"Authorization:" would be the header key and
"Bearer: (access token)" would be the header value
Looking at my code will make it clearer if you are using Python. Your best bet is to get a copy of the API documentation. You have to be a Silverpop client to get a copy though.
Good luck.
Check the following:
http://www.codeproject.com/Articles/758362/SilverPop-Integration
Follow the step by step guide.